Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/Ch8W1l2-KcFkVG7wM4vbKHN4R3Y.roa
File: Ch8W1l2-KcFkVG7wM4vbKHN4R3Y.roa (raw, json)
Hash identifier: V4IlmhJxCV4xeIbfy/3oXd/+/SQnNJ6kXZK4ntfahuM=
Subject key identifier: 0A:1F:16:D6:5D:BE:29:C1:64:54:6E:F0:33:8B:DB:28:73:78:47:76
Certificate issuer: /CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Certificate serial: 0194258F527B00A4172B5BF66AA11DAC2288
Authority key identifier: BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/Ch8W1l2-KcFkVG7wM4vbKHN4R3Y.roa
Signing time: Thu 02 Jan 2025 05:48:57 +0000
ROA not before: Thu 02 Jan 2025 05:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201749
IP address blocks: 194.31.93.0/24 maxlen: 24
194.31.193.0/24 maxlen: 24
194.31.199.0/24 maxlen: 24
194.31.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:52:7b:00:a4:17:2b:5b:f6:6a:a1:1d:ac:22:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Validity
Not Before: Jan 2 05:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a1f16d65dbe29c164546ef0338bdb2873784776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:81:56:2d:7b:cd:7f:53:e4:41:ad:e3:b7:77:
99:ce:7f:09:06:e8:3e:fc:ac:b1:7a:71:71:85:8f:
c1:0d:99:96:95:7a:df:20:e4:5c:d8:66:e2:54:fd:
ce:2c:78:e8:d4:4e:6e:6d:4a:3c:17:83:d5:fa:03:
48:06:94:8f:5c:cf:c8:e2:0a:7f:35:ba:19:d8:94:
2c:6d:af:a8:fa:ad:81:01:cd:04:a0:7e:4c:51:e9:
e1:58:c5:ec:d6:29:8e:aa:42:42:28:71:2a:44:2c:
43:5d:c1:64:c3:5a:cb:97:77:d1:dd:ef:ac:0e:b4:
55:c1:82:4d:b6:6f:85:93:90:87:a1:e3:76:e5:fa:
2c:c2:d9:60:ee:4e:48:83:af:23:df:70:d4:5c:40:
a0:5d:8d:80:61:ec:35:fc:9e:a0:bf:e7:6a:30:97:
c2:d7:4e:52:0d:cb:13:03:a4:91:39:fc:78:4a:c3:
b8:fe:86:45:fa:ff:5a:14:cf:62:d2:55:3b:8b:0d:
b9:d4:3b:91:e9:c0:14:6e:fe:09:e2:82:9f:ff:d3:
a8:bb:da:97:18:3e:5e:27:5a:e7:27:6b:5d:6d:11:
f8:27:69:fc:09:87:29:a0:ab:74:d6:b3:b3:09:0e:
f9:16:97:b9:51:e5:6b:a1:40:be:e7:bb:c2:55:d3:
08:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1F:16:D6:5D:BE:29:C1:64:54:6E:F0:33:8B:DB:28:73:78:47:76
X509v3 Authority Key Identifier:
keyid:BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/Ch8W1l2-KcFkVG7wM4vbKHN4R3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.93.0/24
194.31.193.0/24
194.31.199.0/24
194.31.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a0:b0:16:7a:4b:b9:66:2f:7f:76:b9:46:46:bd:5c:bf:34:
50:c4:83:0a:64:fb:f1:24:17:dc:04:50:9b:0e:66:b2:d2:8c:
47:6c:a1:5b:92:cd:8c:59:dd:32:ad:5e:a9:86:31:ee:52:90:
fc:b5:1e:17:ab:1a:a5:a2:45:94:d4:a6:49:fe:9f:31:28:fc:
6d:ce:fa:cd:bf:b0:69:e2:63:cd:1b:6a:c0:86:bf:a1:78:de:
59:c9:3d:9d:8e:10:9d:61:65:0b:16:43:85:ab:1d:c9:1b:bb:
3c:de:a0:78:8f:51:79:66:ee:b6:0e:cc:41:fc:60:b7:9e:e0:
64:aa:77:68:c6:12:f2:b3:17:14:7c:08:9c:55:80:36:7c:de:
71:a3:eb:97:e0:78:75:e3:30:aa:41:7c:bd:40:ba:21:8a:23:
f9:c1:cf:ec:e8:e2:e7:cf:a8:21:c4:ef:52:21:f9:3f:b7:df:
98:96:02:89:20:1d:99:79:92:a7:c2:00:ce:61:e8:6a:ef:e6:
88:28:73:2c:7f:a9:2e:58:89:35:2e:c1:cc:49:52:9e:88:ad:
19:b2:6d:ab:b8:92:3f:79:96:c0:a1:8e:d7:4e:e2:b0:88:dd:
9a:48:15:0c:fc:47:b6:ec:6a:40:bd:ac:16:5a:21:94:54:7a:
d1:9a:41:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj1J7AKQXK1v2aqEdrCKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmIyYTQzMDIwOTRmNGMzZjViYWRhNTQ3ZWY0ZjdlZGUx
OGU5MDMwHhcNMjUwMTAyMDU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFmMTZkNjVkYmUyOWMxNjQ1NDZlZjAzMzhiZGIyODczNzg0Nzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74FWLXvNf1PkQa3jt3eZzn8JBug+
/KyxenFxhY/BDZmWlXrfIORc2GbiVP3OLHjo1E5ubUo8F4PV+gNIBpSPXM/I4gp/
NboZ2JQsba+o+q2BAc0EoH5MUenhWMXs1imOqkJCKHEqRCxDXcFkw1rLl3fR3e+s
DrRVwYJNtm+Fk5CHoeN25foswtlg7k5Ig68j33DUXECgXY2AYew1/J6gv+dqMJfC
105SDcsTA6SROfx4SsO4/oZF+v9aFM9i0lU7iw251DuR6cAUbv4J4oKf/9Oou9qX
GD5eJ1rnJ2tdbRH4J2n8CYcpoKt01rOzCQ75Fpe5UeVroUC+57vCVdMIbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAofFtZdvinBZFRu8DOL2yhzeEd2MB8GA1UdIwQY
MBaAFLu7KkMCCU9MP1utpUfvT37eGOkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAt
MzJiZjE2NDFmYjNiLzEvQ2g4VzFsMi1LY0ZrVkc3d000dmJLSE40UjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAtMzJiZjE2NDFmYjNi
LzEvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwh9dAwQA
wh/BAwQAwh/HAwQAwh/cMA0GCSqGSIb3DQEBCwUAA4IBAQBMoLAWeku5Zi9/drlG
Rr1cvzRQxIMKZPvxJBfcBFCbDmay0oxHbKFbks2MWd0yrV6phjHuUpD8tR4Xqxql
okWU1KZJ/p8xKPxtzvrNv7Bp4mPNG2rAhr+heN5ZyT2djhCdYWULFkOFqx3JG7s8
3qB4j1F5Zu62DsxB/GC3nuBkqndoxhLysxcUfAicVYA2fN5xo+uX4Hh14zCqQXy9
QLohiiP5wc/s6OLnz6ghxO9SIfk/t9+YlgKJIB2ZeZKnwgDOYehq7+aIKHMsf6ku
WIk1LsHMSVKeiK0Zsm2ruJI/eZbAoY7XTuKwiN2aSBUM/Ee27GpAvawWWiGUVHrR
mkF6
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:16:53 2025 by rpki-client